Data Retention Terms

This page describes the legal terms on which we collect, use and retain your details relating to the usage of this site and future publications.

To ensure everything is covered and understood, we have had to have this drawn up by our solicitors so therefor it is fairly long and detailed, as it has to be.

However, the sentiment behind this statement is that;

  • We will NEVER pass your details on to any third party without your express permission.
  • We will endeavour to keep your detail as safe as we can against other users of this site, and external sources.
  •  You have the ability to update and remove your details at any time up to the extraction period for publication, which you will be informed of.

We would like to express our sincere gratitude to you for trusting that we will do everything in our power to keep your details safe and secure.

Michael Yakumi  



This Policy’s purpose is to ensure that personal data is not retained for longer than allowed by applicable data protection laws (‘DP Laws’) and contracts or other interactions with stakeholders (including employees, customers, suppliers, partners, regulators and investors). 


This policy applies to all personal data processed by Michael Yiakoumi and, as appropriate, those acting on its behalf.


In this policy, we use definitions from the GDPR unless otherwise stated.

  • ‘Controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
  • ‘GDPR’ means the EU General Data Protection Regulation, 2016/679.  As a regulation, the GDPR has effect throughout the EU without the need for further implementation by Member States such as the UK. 
  • ‘Legal Hold’ means the situation when Information (which may include personal data) has to be retained for the purposes of a legal action or claim, anticipated legal action or claim, an audit, a government investigation or for another legal reason, usually (but not necessarily) declared by Legal.
  • ‘Personal data’ has the meaning from the GDPR, meaning any information relating to an identified or identifiable natural person (‘data subject’), which in turn means a person who can be identified, directly or indirectly from the information.  However, Michael Yiakoumi stated policy is to comply with all DP Laws, whichever definition is used.  For example, laws of the USA or States in the USA refer to ‘personally identifiable information’. 
  • ‘Processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.


The Policy

Where Michael Yiakoumi is legally obliged to retain personal data for a specified minimum or maximum period by law, regulation, court order or otherwise, Michael Yiakoumi shall retain the required personal data for that minimum or maximum period.

Subject to the above, Michael Yiakoumi shall retain personal data as long as is necessary for the purpose for which the personal data was collected, subject to the valid exercise of any data subject right, including to withdraw consent (and there is no other legal basis to process the personal data), to object to processing, to require restriction of processing or erasure of the personal data, and there is no ground on which to refuse the exercise of such right.

  • The type of personal information we collect


We currently collect and process the following information:

    • Personal identifiers, contacts and characteristics (for example, name and contact details)
    • It is solely for the collection for information for the Cypriot Who’s Who no contact details will be included in the publication and will not be passed onto a third party.
    • The information that will be included in the publication will be
    • Name, Date of Birth, Marital Status, Children, Schools and Colleges, hobbies and interests and personal profile.



Unless there is a Legal Hold on the personal data, at the end of the retention period for particular personal data, that personal data shall be anonymised or securely deleted or destroyed under our Information Deletion & Destruction Policy.  Where there is a Legal Hold on the personal data, it shall be retained for the duration of the Legal Hold and then, unless there is a valid, applicable retention period, be anonymised or securely deleted or destroyed under our Information Deletion & Destruction Policy

Michael Yiakoumi as ‘controller’ and ‘processor’

A person cannot be the controller and processor of the same personal data for the same purpose as the controller determines the purposes and means of processing (the ‘why’ and ‘how’) and the processor only processes on the controller’s behalf.

While, in all cases, processing must be in accordance with applicable DP Laws:

  • where Michael Yiakoumi is the controller, we will comply with this policy; and
  • where Michael Yiakoumi is the processor, we will comply with instructions from the controller provided that they are not contrary to applicable DP Laws.


Approved Codes of Conduct & Certifications

The GDPR allows for approval of codes of conduct (Article 40) and certification mechanisms (Article 42). Adherence to an approved code or certification mechanism may be used as an element by which to demonstrate compliance with various requirements in the GDPR.  If necessary or appropriate, Michael Yiakoumi will review such codes and certification mechanisms for relevance and fit for our operations.



If you become aware of a breach of this policy, you must report it promptly to the Privacy Officer at

Our contact details

Name: Michael Yiakoumi Cypriot Whos Who

Address:111 St Thomas’s Road, London N4 2QJ

Phone Number: 07958 207412



The Privacy Officer is responsible for maintaining this policy and related training and awareness programs.